Overview

A Config rule that checks that Amazon ElasticSearch Service nodes are encrypted end to end. The rule is NON_COMPLIANT if the node-to-node encryption is disabled on the domain.

Configuration Templates

Items
1
Size
0.6 KB
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  ConfigRule:
    Type: 'AWS::Config::ConfigRule'
    Properties:
      ConfigRuleName: elasticsearch-node-to-node-encryption-check
      Description: >-
        A Config rule that checks that Amazon ElasticSearch Service nodes are
        encrypted end to end. The rule is NON_COMPLIANT if the node-to-node
        encryption is disabled on the domain.
      Scope:
        ComplianceResourceTypes:
          - 'AWS::Elasticsearch::Domain'
      Source:
        Owner: AWS
        SourceIdentifier: ELASTICSEARCH_NODE_TO_NODE_ENCRYPTION_CHECK
Parameters: {}
Metadata: {}
Conditions: {}

Actions



Customize Template

Rule Parameters

No rule paramters
 
* Required field

Sources and Documentation

Configuration Source: AWS Documentation

Additional Documentation:

© 2020 asecurecloud Inc. All Rights Reserved.